Army signals security & "Clansmen" series radios
Owen Lewis
ukcrypto at maillist.ox.ac.uk
Fri, 8 Sep 2000 23:51:39 +0100
----- Original Message -----
From: "Brian Gladman" <brg@gladman.plus.com>
To: <ukcrypto@maillist.ox.ac.uk>
Sent: 08 September 2000 10:14
Subject: Re: Army signals security & "Clansmen" series radios
> A big problem with the terminology of PK systems is that it encourages
> people to assume that the 'public key' parts of keys have to be public.
True but not a problem one often finds in this list.
> This is most certainly not the case since they only have to be known by
> those with whom the key owners need to communicate.
Well, there lies the first consideration. In a military and in some other
hierarchical organisations it simply is not sensible to tie information
availability to an individual. Rather, availability will be, at the
closest, restricted to an office address and may, more commonly, be released
to a substantial element of the hierarchy branches.
A second consideration is a single desk (appointment) may have as many as
three occupants every 24 hours. In war (which is what the whole organisation
is about) it is by no means impossible that there will be a dozen occupants
of a single appointment in as little as a week. Some changes will be planned
and others will be ad hoc.
A third consideration is that if PK rings are seized, there is a potential
both to glean intelligence and also to create chaos that is far more limited
with the use of other systems.
A fourth consideration is that the originators and recipients of information
in no way own that information, rather that it is owned by the organisation
that requires to work smoothly when individuals suddenly and randomly
disappear. This supposes a form of key escrow as essential to the security
of the organisation. As has been hacked to death here and elsewhere, key
escrow destroys much of the benefits that accrue from the use of a PKI.
Ergo, PK systems may not be the best for a wide range of applications.
Of course, the attraction that management of PKI is relatively cheap remains.
I do not say that it is impossible to apply PK systems to such an
environment but rather I observe that they are surely not striking
candidates.
> .....In practice the most difficult issue in the effective widespread use of
> cryptography lies in key management and key distribution and this is an area
> where the cryptography and the business processes have to go hand in hand.
Perhaps expensive in resources rather than difficult per se?
> PK technologies offer major potential advantages here for both defence and
> commercial applications
Well, for general application rather than a handful of special purpose
applications, I cannot see a case for the adoption of PK by the military.
> but I don't expect there to be much read across
> (except, possibly, at the technology level) because there is almost no
> correspondence between military and commercial business processes involved.
Too sweeping for me. Rather, I would say that with so many different
processes under each label, a main point of interest being the commonality
of so many.
>
> [snip]
> > Patently, it is possible to use PK systems for diplomatic/military
> > communication functions. The question is, whether those systems have a
> > balance of advantage that should promote such use or whether the balance is
> > one of disadvantage. If, as I believe, the balance may be strongly one of
> > disadvantage, the hypothesised disadvantages perhaps provide a perspective
> > to help evaluate the suitability of PK systems in other environments.
> > That's the game I was proposing, rather than to suggest that there is some
> > fatal flaw in the PK per se. If weaknesses there be, it seems to me that
> > these are far more likely to be found in either flawed or simply
> > inappropriate use.
>
> IMHO your last sentence is spot on.
Well, from that common ground, it will be interesting to see if, over time,
the area of commonality will grow. Logically, it should - but then so much
in life is not strictly logical.